Let’s Talk About Digital Identity with Ben Cronin, Managing Director at UBO Service.

In episode 39 of LTADI, Oscar talks to Ben about UBO Service and the challenges it solves around verifying Ultimate Beneficiary Owners, how UBO Service is leveraging Legal Entity Identifiers (LEIs) for KYC and enhanced CDD, and the Global LEI Foundation’s validation agent (VA) framework.

[Scroll down for transcript]

“It was very obvious to us that adding the LEI to that identification piece was very powerful because you’re really identifying and verifying the entity to a very high standard. By using data that we get from official government registries – adding that to an LEI just makes complete perfect sense to us.”

Ben Cronin headshotSerial entrepreneur Ben Cronin founded GBR (Global Business Register) in 2008. GBR morphed into Kyckr over the following years and Kyckr listed on the Sydney Stock Exchange in 2016, providing commercially proven products for the authentication of businesses globally. His roles at Kyckr included Managing Director and Chief Data Officer. Ben is a supporter of Max Schrem’s organisation, NOYB – European Centre for Digital Rights; the fight for data privacy is important for all citizens. Ben played professional rugby with Munster and Ireland in the 90’s. His other interests include tennis, whisky, science and family!

Find Ben on LinkedIn and on Twitter @Ben_Cronin.

Ben Cronin is currently Managing Director at UBO Service. UBO Service offers an innovative new solution for obliged entities to capture accurate Ultimate Beneficial Owner (UBO) declarations in real-time.

Find out more about UBO Service at www.uboservice.com.

UBO Service is in partnership with Ubisecure’s Legal Entity Identifier service, RapidLEI. Read more about the partnership in the press release: https://www.ubisecure.com/news-events/ubo-service-lei-validation-agent/

We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!

 

Subscribe to
Let's Talk About Digital Identity

Or subscribe with your favorite app by using the address below

 

Podcast transcript

Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla.

Oscar Santolalla: Hello and thanks for joining today. We have been in the last months talking once about the LEI, the Legal Entity Identifiers. And today, we’re going to hear very innovative business models that combine some of the solutions to the challenges with LEIs. And for that, we have a very interesting guest today who is Ben Cronin. Ben is Managing Director at UBO Service.

Serial entrepreneur Ben Cronin founded Global Business Register in 2008. Global Business Register morphed into Kyckr over the following years and Kyckr listed on the Sydney Stock Exchange in 2016. Kyckr provided award-winning, commercially proven products for the authentication of businesses globally. Kyckr developed APIs and cloud-based decision engines for best-in-class KYC (Know Your Customer), due diligence and customer on-boarding.

Ben is a supporter of Max Schrem’s organisation, NOYB – European Center for Digital Rights; the fight for data privacy is important for all citizens. Ben has played professional rugby with Munster and Ireland in the ‘90s. Other of his personal interests include tennis, whisky, science and family!

Hi Ben.

Ben Cronin: Hello, Oscar. How are you?

Oscar: Very good. It’s a pleasure having you today to hear about very innovative services and business models that UBO Service is offering today. So, before talking on that, I would like to hear even a bit more about you. Please tell us how your career led you to this world of digital identity.

Ben: Thank you Oscar. And as you mentioned, I was fortunate enough to play professional rugby. So in the ‘90s, the game rugby went professional in 1995 and I was fortunate enough to be I suppose playing at a level that I played. It came when I was amateur and then when it went professional I started getting paid to something that I loved which was fantastic. I did that for about 10 years.

And I guess, when I finished that I needed to get a real job. I needed to go back to something normal. I had done business studies in college and I started a couple of businesses in the early 2000s that were very much related to property and property development which at that time was relatively a good route to pick as I’m Irish and I’m based in Ireland and at that time Ireland was going through a property boom and that business was quite successful for a number of years.

And then when the financial meltdown happened in 2007, 2008, at that stage I had in my head an idea that became GBR Direct, a company called GBR Direct, and this company then became Kyckr. And the idea was simple. The idea was to build a connection to all the company houses across Europe, and ultimately, across the world. So, all companies – or all countries generally have a government-run registry where you register companies and the one in Ireland called the Companies Registration Office, the Companies House is the one in the UK. And you’ve got versions of company houses all over the world.

But what I could see in terms of the idea was that these registries were all quite insular and the idea was just to be build one access point to all the registries. And when we first launched the service, I set up the business with a friend of mine called Robert Leslie. In 2007, we registered the company and we really didn’t have a product going until 2009. And when we went live in 2009, we had 12 countries in our network so that meant customers that needed company data from various countries could log it to one service, get access to 12 European countries through one portal and ultimately through one API. And our target customers then were banks, financial institutions who had obligations to source that kind of data.

We then focused on building out that network. And when I left Kyckr in early 2020, Kyckr had over 200 registries in their network. So that network grew over the years to be a full global service. And customers that consume that data and continue to do will be all of the big financial institutions – the likes of Bloomberg, Citigroup, JP Morgan and thousands of other users that would be working in that financial services space.

And that was the genesis of the company and we – over that period also started building out other services that were based on that access to that data. And that really is a space that is very highly regulated and the more regs that came down from the EU or from the FCA in UK or the SEC in the States, those are all regulators and they were big drivers of business for Kyckr. We were fortunate enough to do an IPO with Kyckr on the city stock exchange in 2016.

And I left Kyckr in January 2020 to setup this new business that we call UBO Service. UBO standing for Ultimate Beneficiary Owner. And that’s where we’re at. And so, I’ve worked all through COVID at building this business and essentially we went live with the service in December of 2020 and we fully went live with our portal and our APIs in first week of January.

Oscar: Mm-hmm. Yeah, fantastic. Now, after this long experience in following as a founder of Kyckr, now, UBO Service is this new venture you have and I can see from and you have a very innovative business models. But before telling us about UBO Service, tell us – if you can paint a picture for everybody the problems, the challenges that we have today in UBO Service is solving.

Ben: Yeah, sure. So, everything I’ve done with UBO Service has been influenced I suppose by my background with Kyckr. Kyckr is a fantastic service and what it’s really good at is getting access to prime resource data, which regulators would always rank as the best of data. However, there’s- legislation has come out after us probably over the last 10 years, anti-money laundering directives in particular in Europe, the 4th, the 5th and now the 6th directive have all come out as I said in the last number of years. And they’re all pushing for more transparency, more obligations for companies to understand who they’re doing business with.

Do you know your customer and do you know who owns the company that you’re doing business with? And these are all, as the AML directive suggests, this is all about anti-money laundering and countering money laundering and particularly in the financial sector. But also, across a much broader set of companies that would now be referred to as obliged entities. These would include financial institutions, banks, funds, foreign exchange, state agents. lawyers, accountants and more. So, there’s a much bigger cohort of obliged entities now than ever before.

One of their obligations is to understand who owns the companies that they’re doing business with. And this is important in the context of when you’re onboarding, if you’re an obliged entity and you’re onboarding new customers and those customers are corporates or companies, obliged entities now have to find out who owns that company, who is the natural person that has control or ownership of that company.

And this legislation is European-wide at the moment but we see that other countries are starting to follow suit and there’s now a beneficiary owner registry going to be created in United States, in Canada, Australia, New Zealand, They’re talking about it in Singapore, Hong Kong, across Asia. So there’s a real momentum in governments establishing beneficial owners.

One of the problems though is that what we saw over the last number of years is that companies have an obligation to find out who the beneficiary owners of that the company are. They may be able to find that out from their own government registry but they have to confirm that against other sources and there’s two ways of doing that. You can confirm it against other reliable sources or you can confirm it with the company themselves. And this is the essence of what UBO Service is.

We feel that it’s more appropriate, that is a better quality, if we get UBO information confirmed by a director of the company itself. And what we do is we facilitate that process on our portal and through our APIs. We can allow a director of a company who is legally mandated to sign on behalf of their company. And they can sign a declaration to say that the beneficiary owners of our company are as follows. But we facilitated that on with a digital signature on our platform and it’s a very, very slick and easy process.

And we think it’s better in terms of quality than relying on other data sources because we have a view that other data sources aren’t – may not be so reliable. And there are issues with out-of-date data being used if you go to other data sources. And that’s the essence of the service. We capture information on the beneficiary owners of the company. And then we get a director of that company live to sign and confirm who the beneficial owners of that company are. And then we match, we see to it that those two datasets match. And if they match then our customers who are obliged entities can then be satisfied that they’ve done the appropriate checks to onboard that customer. And that’s kind of the essence of the service, Oscar.

Oscar: Yeah, absolutely. I can see as you said the cohorts, the type of organisations that are now obliged to follow such regulations, it’s growing, which is a good thing. And yeah, I can see you have the solution for that. I also know that because we are working now, Ubisecure and UBO Service, is starting to work together and you are starting to use LEIs. Please tell us a bit as a refresher what LEIs are and then how it comes to the formula for UBO Service.

Ben: Yes, so the LEI is a 20-character alphanumeric code. It’s based on an ISO standard. And it was essentially created by the Financial Stability Board in 2014 which is essentially the G20 organisation. And it’s designed to be a unique identifier for an entity. And key to it is that it connects the key reference information that enables clear and unique identification of legal entities participating in financial transactions.

So, because it’s a unique identifier and it’s essentially a code, this allows for enhanced transparency when you’re doing business, or when a company is doing business, particularly if you’re doing business with another entity that might be an overseas entity. If you know their LEIs, then there’s enhanced I suppose transparency in that. And then you can answer questions to yourself about who is this company, who owns this company. The LEI helps facilitate an understanding of the ownership structure of that entity or that company. And it essentially puts all the LEI data also into a global directory which means companies can look up that data in a really easy way.

And LEIs are managed by GLEIF which oversees and collects and runs this database or global directory. And that really makes it easier to kind of check out the bona fides of an entity that you are doing business with. And that’s the essence of what an LEI is. Because it’s a unique identifier, it can– it’s much more efficient for lot of reasons. There is an assumption, everybody assumes that company names are unique but in many jurisdictions, the company name is not unique to that one company. And the LEI is always a unique identifier within the global system. And that is really important to cut down on errors and to really kind of push your bona fides or transparency about your entity or the entity you want to do business with.

Oscar: And why the LEIs are useful for UBO Service?

Ben: Well, in terms of what we’re trying to do, I suppose one of the central tenets of anti-money laundering rules and know your customer rules, there’s a couple of steps that obliged entities are required to take. And one of them is a very simple sounding I suppose but one point step is to identify and verify the company. And this is simply verifying a confirmed company registered name, registered number, registered address, registered status. And everything then flows down from those data points. Once you establish those data points against an official source, everything flows appropriately and accurately from that point on.

When we looked at what LEIs bought to the table and the way LEIs were structured and set up, it was very obvious to us that adding the LEI to that identification piece was very powerful because you’re really identifying the entity and verifying the entity to a very high standard by using data that we get from official government registries. Adding that to an LEI just makes complete perfect sense to us. Because there are number standards inherent in getting an LEI issued and that really feeds into our mantra about using official, appropriate and the best in class data sources when you’re onboarding a customer. So, by getting that right at that early stage, the lifecycle of that customer is much easier to manage if you capture the really accurate information at the start.

And then other checks can be built into our service would include confirming who directors are, who board members are, confirming who shareholders are, confirming who beneficial owners are, everything feeds much more effectively from that starting point if you get the data really accurate at that first starting point. And LEI gives us I suppose- continues that kind of really high standard of verification check that we are trying to build into our UBO Service.

Oscar: And in the processes of know your customer, customer due diligence, enhanced due diligence, how the LEI issuance process is adding value into that? Please tell us about that.

Ben: Yeah, absolutely. So, there are various standards that apply to obliged entities that require the obliged entities themselves to understand risk profile of their customers. So generally, across the industry, a bank or a financial institution will have certain methods to score customers. And they generally divide them in to three brackets: Low risk, Medium risk and High risk. And very often banks would have rules that they interpret themselves in order to kind of create these three brackets.

Obviously, with the low risk customers, the majority of standard retail buyer, the majority of their customers will be low risk. But when they get into medium and higher risk, they’ve got more obligations basically to do further checks and one of the obligations is to essentially do enhanced due diligence particularly for high risk customers. Because the bank may have – may deem this customer to be high risk for a variety of reasons. And when they’re deemed high risk, enhanced due diligence is more appropriate.

And what’s really important for obliged entities is that they apply – they can show to a regulator how they risk profile their customers and then how they treated high risk customers differently than low-risk customers in terms of the scrutiny and the level of checks that they introduce in their enhanced due diligence process. And our view was that we had a service that was of a standard, a very high standard but we knew we had customers who would look to do enhanced due diligence on certain customers of theirs. So, our approach was to allow our customers that when they are onboarding customers, their customers, using our service that they could sign up for an LEI whilst they were onboarding their customers.

Our service has RapidLEI API embedded so that an LEI can be issued in the process as well as a UBO Service report we can also get an LEI issued through the RapidLEI infrastructure that we’ve embedded in our service. And that just means that when the regulator checks with the obliged entity, they can see that the obliged entity has enhanced due diligence around that customer. And that can include more than just the standards stuff obviously, but stuff that can be screened – individuals can be screened using our service for politically exposed persons or sanctioned list or negative press.

And also with the service that ID and verifies the directors as well. And all ID information can be captured into the UBO Service report. The LEI tagged on to that as well, which also does other checks on signatories and shareholders and together connectively it’s a very robust enhanced due diligence report. And that is something that our customers are asking for already.

Oscar: Just a clarification, when you mentioned high risk customer, that’s because of the nature of this customer or is it because based on some credit reports or…

Ben: Yeah, it can be mixed. So, generally, a financial institution or bank would have a number of parameters and when a customer comes in, if a customer is involved in a certain industry, it might be deemed high risk. So, explosives manufacturing might be an obvious one or if they’re in a location that’s high risk. Geographically, if they are from a certain geo, a bank might deem that to be high risk because they’re not au fait with that region or that country.

So, there are many, many reasons why a bank would deem a customer high risk. It could be because the customer is of a size, there’s more money coming through. So it requires more due diligence because it’s a bigger customer. That’s- all these financial institutions and banks would generally work off the set rules but they would interpret it in different ways. And they will all have their own versions of scoring, scoring customers as they come in. And credit scores can easily be part of that as well.

Oscar: OK. Yes. Yeah. Every financial institution for instance is assessing who is high risk customer and who is not.

Ben: Absolutely. Exactly. Yeah.

Oscar: Sure. I know that UBO Service is in the process of working with RapidLEI and the GLEIF to gain Validation Agent approval, so please tell us about that.

Ben: So, GLEIF announced in September 2020, a validation agent framework, and essentially, what they’re trying to build, what GLEIF is trying to introduce is something that enables financial institutions to improve their customers’ experience, accelerate client lifecycle management, reduce the cost of know your customer checks and anti-money laundering onboarding.

And for the very same reasons that I would have outlined on this discussion around why LEIs are important. In my view and in my customer’s view, through their onboarding process, GLEIF taken the view that where the process that’s embedded, and if you consider the process we’ve embedded, GLEIF made the process to be such a high standard that it may be possible for us to issue LEIs whilst onboarding customers on behalf of banks, for example. And that’s very neat in the context of UBO Service selling a service into a bank, whereby we can say that a bank can toggle a button and order an LEI whilst the same process is going on for us to issue there with a UBO Service report.

So, by essentially toggle a button the issuance of an LEI comes automatically if they get through the UBO Service process. That’s really efficient in terms of the technology and the GLEIF, and I suppose it’s Ubisecure’s job, and this is an ongoing discussion right now where Ubisecure and RapidLEI are talking to GLEIF and explaining how the UBO Service process work. And assuming that GLEIF are satisfied with that process then we can start issuing banks with LEIs for their customers as and when they need them.

The attraction for a bank is that they’ve got one integration to do with their UBO Service. And within that one integration they can also just switch on LEI issuance as well. And that’s just a very efficient process. So it’s all about- the proposition of banks is that a bank can streamline its current onboarding and lifecycle management process. It’s thereby improving customer experience and it can also use the LEI as an innovative service offering. So, it’s much more efficient for a bank to take that all in one service instead of taking a UBO Service that facilitates onboarding and then trying to buy LEIs over there. We’re trying to melt that all into one process and that’s super exciting and hopefully some banks will see that as being an exciting proposition for them as well.

Oscar: Yeah, absolutely. It sounds very efficient. It sounds like a really powerful value proposition.

Ben: The general point about it Oscar is that it just- it’s a better customer experience. I mean banks, when they’re onboarding customers, there was a bit of a pain point for customers and there’s a huge amount of research as to customer dropout rate when being onboarded for financial institutions, it can be quite high. And customer friction is something banks don’t like.

The beauty of having the LEI issuance piece or service is that you’re really only interacting with that end customer at that onboarding point. And you’re facilitating them and making it as easy as possible for them to essentially set up their account. And you’re going to them – in one go, you’re just being far more efficient in that one interaction with the customer. And a lot of what we’re trying to do is we’re trying to automate that and that requires one interaction with the customer.

In certain edge cases, it may require one or two or maybe three interactions to customer, but if that’s only the edge cases that’s really positive. Because at the moment, there’s a lot of to and fro with the customer; we’re trying to facilitate just one customer contact at the start. And if you do it right at the start it’s far easier to kind of keep that up-to-date downstream.

Oscar: Yeah, I couldn’t agree more. Ben, last question I would like to ask you is for all business leaders that are listening to us now, what is the one actionable idea that they should write on their agendas today?

Ben: Well, this is something that I’ve learned and it’s a phrase that goes like this, “Sales go up and down, service stays forever.” Now, I’m not sure it’s an action point but it’s a lesson that I’ve learned and it struck me when Robert Leslie and I setup GBR Direct in 2007. We were a two-man operation trying to sell a service into banks and into the big international banks in particular, which were our sweet spot customers. That was hard, as you can imagine, we were a two-man operation in Waterford in Ireland and we were over in London trying to sell it to the big banks.

And we kind of made a promise to ourselves, the one thing we would do is that we had a phrase and it was whenever there was an error or a problem, if somebody hit our help desk which was essentially managed by Rob and I, we had a phrase, “We’re going to kill them with kindness.” So, all that was about was we’re tiny so they’ve come to us and they have an issue or they have questions, let’s really be reactive and really enhance our service back to them. And they may remember us and they stick with us.

And our first two customers from our very first expo in London, the first two customers were Deutsche Bank and UBS, two huge banks. And they are still customers of Kyckr now because we just established a rapport with them. And we were just all over them whenever there was issues. Because we were getting a benefit from them obviously but we were getting an added benefit from them in that we were able to react to any issues that they had and questions and enhance our service over time. And we could do that because we were killing them with kindness, we’re giving free data, we’re giving free documents, we’d really, really go over the top. And they remembered us first and that’s why service stays forever.

Oscar: Mm-hmm. Absolutely. I like a lot this learning point that you just gave us. And yeah, service is really part of your business because it’s UBO Service. Fantastic. It was a pleasure talking with you, Ben. Please tell us how people can get in touch with you or find more about UBO Service, what are the best ways for that?

Ben: Our website is uboservice.com, spelled U-B-O-S-E-R-V-I-C-E, uboservice.com. And on that website, there’s access to our portal. Follow us on Twitter, LinkedIn with us and we’re very active on social media and we are positioning ourselves as expertise in know your customer and anti-money laundering. Our team is very strong and very experienced in that space. And all can be accessed on our website.

Oscar: Excellent, many ways to find you. And again, it was a pleasure talking with you Ben and all the best.

Ben: Thank you, Oscar.

Thanks for listening to this episode of Let’s Talk About Digital Identity produced by Ubisecure. Stay up to date with episodes at ubisecure.com/podcast or join us on Twitter @ubisecure and use the hashtag #LTADI. Until next time.

[End of transcript]